Just so you know, we use cookies on our website so that we can give you a better online experience. Read our Cookie Policy to find out more.

JavaScript is currently disabled on this computer/device. As such, cookies for this site are currently disabled.
In order to have access to all the features of our fully-optimised website, please enable your JavaScript settings
via your browser. For a list of all the cookies we use and what they do, please read our
Cookie Policy.

Cookies

How and why we use cookies

Cookies are your friends. We use them to make using our site even better, they help you log on to Online Banking, apply for products and services online and use our handy tools like our 'find and compare' mortgage calculators.

When you visit this site, we'll ask for your permission to use cookies and - we recommend you give us the okay. You can change your preference for tailored content cookies - take a look in the footer of each page.

Your questions answered

We will resist the temptation to talk about chocolate chips... Cookies are small text files that are sent to and stored on your computer, smartphone or other device when you visit a site. Cookies are useful because they allow a site to recognise your device.

We never use the data gathered through cookies to contact you via post, email or phone - it's not really our style. We might use cookies to show you subtly tailored content on our site or other websites, but only ever products and services we think you'll be interested in. You'll never see advertising on our site from anyone other than HSBC group companies and our agents.

The only time we use cookies to share personal information, like your name, address, telephone or email, is when you have given us express permission to by applying for a product or service. For example, if you were applying for a home insurance policy, we'd tell you that we're passing your details to our trusted home insurance policy provider.

The cookies we use are completely safe. In fact, many of them are used purely to provide important security features like protecting your data and your accounts.

We use cookies to safeguard your privacy when you're browsing our website. We also use them to let you find and compare mortgages and use secure online application forms. If you leave a secure session window open when you're logged in to Online Banking, we use cookies to enhance your security by prompting you to end (or automatically ending) your secure session.

Cookies can also allow us to tailor the content of our website to suit you. For example, instead of displaying promotional messages about products you already have, they let us show you other services you might be interested in.

Finally, we use 'analytics' cookies to help us make our website better for those who visit it regularly. They help us work out what users like and don't like and how we can improve things for you.

When we include links to other websites, please bear in mind they'll have their own privacy and cookie policies. We recommend you read their policies as we're not responsible or liable for anything they get up to.

Yes. Third parties are trusted suppliers to first direct, and include our insurance policy providers as well those partners who provide important functionality to our website.

We only use cookies from third parties in order to provide our customers with first direct and HSBC products and services. The only time cookies would enable us to share personal information such as your name, address, telephone or email is when you have given us express consent to pass it on to a trusted third party - for example, if you were applying for a home insurance product from one of our third party insurance providers.

You'll only ever be shown first directbranded ads on our website - never those from other companies. Of course, you might see first directbranded ads when browsing other companies' websites too. Some of these will be general campaign-related ads but others will be tailored to your likely interests based on your previous web browsing activity. These can be easily identified as they feature a small blue AdChoices icon in the corner of the advert.

Yes. We use email analytics and reporting tools to see how many of our emails are opened and which links receive the most clicks. Knowing which articles and topics our customers like, and which they don't, helps us improve our content and make our emails more relevant.

We maintain strict security standards and procedures to prevent unauthorised access to your information. We'll never contact you by email or otherwise to ask you to validate personal information like your user ID, password or account numbers. If you receive a request like this, it's probably someone up to no good - please call our online security team on03 456 100 234.

If you want to unsubscribe from marketing emails, simply follow the link in the footer of any marketing email you've received from us.

To amend your preference for tailored content cookies, please use the 'Manage your cookie preferences' tab within this Cookie Policy.

Please note, these preferences apply to firstdirect.com and all sub-domain websites mortgages.firstdirect.com.

The cookies we use cannot look into your computer, smartphone or web-enabled device and obtain information about you or your family or read any material kept on your hard drive.

Our cookies cannot be used by anyone else who has access to the computer to find out anything about you, other than the fact that someone using the computer may have visited a certain website. Our cookies do not in any way compromise the security of Online Banking.

To ensure we can provide suitable content to meet our customers' needs, all cookies have to be enabled if you want to access Online Banking.

All cookies have to be enabled if you want to access Online Banking. You can amend your preferences after you have logged off if you wish but we will ask for your consent to enable all cookies when you log on again.

While browsing our public website, you can choose to opt-out of tailored content cookies. However, when you log on to Online Banking all cookies will need to be enabled in order to ensure we can provide suitable content to meet your needs.

There are two types of first directadverts shown on other companies' websites. The first are general campaign-related adverts that are not targeted based on your browsing behaviour, from which you cannot opt out. The second are targeted adverts which are being shown to you because of your likely interests based upon previous web browsing activity. These can be easily identified as they feature a small blue AdChoices icon in the corner of the advert.

To disable all targeted adverts from first direct, please visit Your Online Choices where you will be able to opt out of the Microsoft Advertising network. Please note, by opting out of Microsoft Advertising, this will disable targeted adverts for HSBC and any other companies that use this network. For further details, please visit the AdChoices website.

If you wish to opt out of all cookies for this website and any other website, you can do this through your browser settings. Your browser's 'help' function will tell you how to do this.

However, please remember that cookies are often used to enable and improve certain functions on our website. If you choose to switch certain cookies off, it is likely to affect how our website works. For example, if your browser is set to disable 'session' cookies, although you will still be able to view our public website, you won't be able to log on to Online Banking.

JavaScript is required to manage your cookie preferences. If your browser has JavaScript disabled, tailored content cookies will be disabled too. To manage your cookie preferences and experience an optimised version of our website, make sure your browser has JavaScript enabled. Depending on which browser you're using, this function is usually found under 'tools', 'options' or 'preferences'.

Manage your preferences

Know your cookies

We use several different types of cookie, which we call "essential cookies", "functionality and performance cookies", and "tailored content cookies". Each one works in a slightly different way, and you can find out more about each one here.

Cookie name

What is the purpose of this cookie

pfmDownloadCookie

Added to ask a user permission before downloading Personal Finance Manager within Online Banking. Once it has been downloaded it expires to avoid asking the user permission again.

bcap cookiesenabled

Used to check Netscape browser settings to ensure that the functionality on Online Banking is compatible with the version being used.

friendly name

This cookie is used to ensure you remain logged in for your Online Banking session, ensuring that log in credentials don't need to be re-entered each time you navigate between pages on Online Banking.

JSESSIONID

This cookie is used to makes sure it's only you navigating through your session. It checks that no one else is accessing the same session from a different browser, such as potential fraudsters (hijacking).

isMobile / isiPhone

Records your device and detects if it's a mobile or not, in order to direct the user to the correct log in page i.e. desktop or mobile (Android, BlackBerry, iPhone etc.).

LB_COOKIE_1

Several servers are used to run the site. This cookie ensures that users are split equally between these servers when accessing the site to stop traffic building up on one particular server and slowing down the service.

FIRSTDIRECT-IB-WDC / FIRSTDIRECT-AO-WDC

Ensures your session stays stuck to the same server. Without this cookie users would be disconnected from the server on a regular basis. It's a session cookie that expires when the session expires.

fd_msc / fd_tid

This cookie is used to track your journey from an affiliate website to ensure the correct campaign offer is displayed when reaching our website. For example our exclusive offers with partners such as moneysupermarket.com.

com.ibm.portal.​SUA_WPReqURL

This cookie is added when you need to be authenticated mid-way through a process. For example, making a payment and Verified by Visa. The cookie will make sure you're returned to the correct page (the page you left) after entering your security credentials.

FDAUSERNAME / EWUSER

Ensures your Online Banking Plus session stays stuck to the same server. It is a session cookie that is used to remember the user while they are logged in to Online Banking Plus. It expires when the user logs out.

FDASESSIONCOOKIE / EWSESS

These are authentication cookies for Internet Banking Plus and confirm that you've been authenticated.

Used to help store your encrypted security information that's required to use Internet Banking Plus.

checkit

Enables you to carry out actions within Internet Banking Plus, allowing you to access their encrypted security information when required.

lastRun

Used to time stamp and record when you last used your iPhone App. After 90 days, your user name is cleared for added security.

firstdirect_comp

Used in our Facebook Apps to identify you by the software framework.

fbs_XXXXXXXXXX

Stores your access token (permissions) so that you don't have to accept the permissions screen the next time you access a first direct Facebook app.

ASPSESSIONIDCQDAABTS

This is used when you're logging into the first directory members' microsite. It's used to recognise your browser and the server session. No user details are stored within this cookie.

__uiudc

This is a security cookie used if fraudulent activity is detected (malware). In the event of any activity being detected, the cookie sends us details to investigate.

PORTAL

This cookie is used to ensure you're authorised to complete a given function. It's issued once you've logged in and allows you to remain authenticated on navigation between web pages. The cookie contains no user or sensitive data, such as user IDs or passwords and is automatically deleted once you close your web browser.

smnradmin

This cookie is used for the administration and content management system for Social Media Newsroom. It ensures the website knows an administrator is logged in and authenticated.

firstdirect_mortgages

This is a very important session cookie for security. This cookie can identify that it's the same customer navigating through pages in a session by browser. Without it the server can't identify the specific user from another user that could be on that same session using a different browser.

native-app

This cookie identifies the version of the App that you're using.

device-type

This cookie identifies the device that you're using to access our App - including the iOS model of device (e.g. iPhone or iPad).

device-id

This cookie identifies your device UUID - so we can recognise you and your device.

mobile_support_type

This cookie identifies whether you're on an iOS or Android device.

Cookie name

What is the purpose of this cookie

utag_main

This cookie is used by Tealium, which manages the tags on our website. It contains a unique identifier, and other anonymous information.

These cookies allow us to display multiple variants of a page design to help us determine which our users prefer. They don't record any personal information.

AMVC_###@AdobeOrg

This cookie is used by Adobe Analytics to identify a unique visitor.

s_cc

This cookie is used by Adobe Analytics. It is set and read by the JavaScript code to determine if cookies are enabled (simply set to "True").

s_sq

This cookie is used by Adobe Analytics. It is set and read by the JavaScript code when the ActivityMap functionality is enabled; it contains information about the previous link on this site that was clicked on by the user.

mbox

This cookie is used by Adobe Target. It keeps a number of values to manage how visitors experience Target campaigns.

demdex

This cookie contains the demdex ID which is used to track users across the different Adobe products used on our sites.

TEAL

This cookie will be used to store session based information on which product ids have been viewed on this site.

tms-ref

This cookie will be used to store the session referrer.

cml

If you've logged on to Online Banking and then want to apply for an account, this cookie's added to allow you to progress through the online application within the same session (avoiding the need for you to log on again).

hmcib

This cookie is used with our 'How much can I borrow?' calculator to remember that you've confirmed reading the 'Key Facts' information, allowing full use of the mortgage tool without being required to complete this step for each use of the calculator.

resident

This recognises whether you're a UK resident by using your IP address. As our services are only available to UK residents, any visitors accessing the site from outside of the UK will see a message to let them know.

reader

Identifies which version of Adobe Reader you're running to let you know if you need to update to a compatible version. This information is stored in a cookie so that this check doesn't need to be done each time a new page is loaded, speeding up the page load to provide a better experience.

flash

This cookie identifies which version of flash player you're running to let you know if you need to update to a compatible version

fontSize

This cookie is used to remember your preferences for our website, like browser font sizes or colour contrasts - so they're the same next time you visit.

EWPAGE

Stores the ID of the page you've navigated from to get to the log on page.

ak

Used to detect if you have Rapport Security software installed on your device, both to notify you and provide statistics.

cookie_disclaimer

We use this to display a banner on our website informing everyone we have an updated cookie policy. The cookie records the number of times the banner has been displayed so it can be removed after the third view.

WT_FPC, ACOOKIE

This cookie is used for Webtrends. The Webtrends cookie is used solely to help identify general customer behaviour over time, so we can understand how many people are coming back to the site, how often and how it's being used. This information helps us to make ongoing improvements. No personal information is stored in the cookie, nor do we extract any data from your machine. You can read more about what it does at www.webtrends.com Opens an overlay [Will show a security message first]. You'll also find a comprehensive privacy policy there that will provide you with even more detail about what it does and how it does it.

AA002, MUID, ANON, NAP

These cookies are used for Atlas solutions which track the effectiveness of adverts and feed into reports that are used to make improvements and optimise effectiveness. It holds no personal information and provides an overview of the number of clicks on a particular site on a particular day.

atlas tag (an alternative mechanism to cookies)

As an alternative mechanism to cookies, atlas tags allow us to track which banners visitors to the site have clicked on from third party websites. This means that the affiliate displaying our advertising banners can be paid accurately for the advertising space. Atlas tags also allow the effectiveness of the advertising or relationship with the affiliate to be monitored.

Google Analytics Tracking, __utma, __utmb, __utmc and __utmz

These cookies allow the Google Analytics tool to track usage of our Facebook and first directory member site pages.

locale

Contains the display locale of the last logged in user on the browser.

Isd

Contains a random value that is set when a Facebook user logs out, in order to prevent cross-site request forgery.

reg_fb_gate

Contains the first Facebook page that the web browser visited.

reg_fb_ref

Contains the last Facebook page that the web browser visited.

gz, fr

This is a 3rd party cookie that enables sharing of content from first direct sites to Facebook.

These cookies allocate a unique number to your device. Our Live Chat service uses these cookies to track how you use our website and decide whether to invite you to launch a chat session, create and maintain the session, and keep the session secure.

Cookie name

What is the purpose of this cookie

NSC_GjstuEjsfdu and TCID

Looks at your behaviour to understand what content you're interested in on firstdirect.com and displays appropriate relevant content based on this information.

cm

Identifies visitors to firstdirect.com as customers or non customers for marketing purposes, so that we can ensure we are displaying appropriate content.

lu

Manages log on options such as 'Keep me logged on'.

googleads.g.doubleclick.net

This records when you browse certain product areas on our site so we can show you targeted adverts about those products when you're browsing other companies' sites or searching online. For more details, please read our FAQs on opting out of first direct advertisements.

This Google DoubleClick cookie is an anonymous, unique identifier used to track the effectiveness of our advertising. This data then feeds into performance reports. It holds no personal information and provides an overview of the volume of clicks and applications on a particular site on a particular day. It also enables Google and its partners to track and serve our advertisements on other websites across the Internet based on your visit history (or behavioural profile) with the aim to drive consumers to the HSBC website or engagement with our online marketing, which may include emails. Recent click history for your device is also collected in encrypted form, this allows external advertisers to target users of the device with adverts based on perceived interests. The cookie doesn't store the IP address, but this is passed through to Google along with cookie by the browser. Google then renders the IP address unreadable by removing the last 3 characters. No personally identifiable data is collected or stored. This is a third-party cookie.

This records which pages of the website you browse so we can show you relevant ads based on the products you view. We hold no identifiable information and all information is 'hashed', i.e. encrypted so it cannot be viewed by first director third-party companies, including Facebook.

This allocates temporary cookies to every user which visits first direct pages. This is anonymous data which allows first direct to tailor their advertising to the cookie in the future based on their behaviour on site.

Conversion pixels are implemented to measure the impact of an advertising campaign by measuring the number of actions completed. E.g. submitting an application or downloading a brochure.

Retargeting pixels drop temporary cookies to every user landing on first direct pages. This is anonymous data which allows first direct to tailor their advertising to the cookie in the future based on their behaviour on site.

Conversion pixels are implemented to measure the impact of an advertising campaign by measuring the number of actions completed. E.g. submitting an application or downloading a brochure.

The Bing remarketing tag builds audiences of users who have visited specific pages on the first direct site so we can show them relevant messaging in the future. No personally identifiable information is collected.

This allocates cookies to every user which visits first direct pages. This is anonymous data which allows first direct to tailor their advertising to the cookie in the future based on their behaviour on site.

Conversion pixels are implemented to measure the impact of an advertising campaign by measuring the number of actions completed. E.g. submitting an application or downloading a brochure.

This cookie provides the coordinating reference for information on the user’s activity during the session. The timestamp enables us to identify extended periods of inactivity and so classify those as a new session. The 4 digit load balancer id is a random reference that remains constant through the session for the use of the operator’s load balancers

<csaid>uvt

This cookie allows us to tie together user activity between user sessions using the uvt reference. The cookie name varies with the csaid.

<csaid>DBID

This cookie ensures that all data from one user is sent by the system to the same database or real-time server. The cookie name varies with the csaid.

<csaid>Key

This cookie protects the system from attempts to spoof the session reference. The session reference alone is a simple long integer which rises monotonically as new sessions arrive and is thus easy to predict. The session key is random and unpredictable. The system checks that both are present and consistent. The cookie name varies with the csaid.

<csaid>SF

If set CSA assumes comms failure and will no longer communicate with the server. It is there to protect the operation of the site from failures in network or Celebrus systems. The cookie name varies with the csaid.

<csaid>CDuvt

This cookie is only present where the operator has configured the system to maintain a consistent unique visitor tracking reference across the domains that they own/operate. It is used to transfer the uvt reference between domains. It is not effective where a user has his browser configured to block third party cookies or where another unique visitor reference is present in an affected domain. The cookie name varies with the csaid.

<csaid>P3P

This cookie indicates to the system the state of opt-out of the user from full collection through anonymous collection to no collection at all. It is only present if a user has interacted with an opt-out dialogue. The cookie name varies with the csaid.

vtz47gabsosd

This cookie is only present where the operator has configured the system to maintain a consistent session reference across the domains that they own/operate. It is used to transfer the session reference between domains. It is not effective where a user has his browser configured to block third party cookies. The cookie name varies with the csaid.

<csaid>CDID

This cookie is only present where the operator has configured the system to maintain a consistent session reference across the domains that they own/operate. It is used to transfer the database id and real-time server id between domains. It is not effective where a user has his browser configured to block third party cookies. The key is the security key mentioned above. The cookie name varies with the csaid.